package com.example.security.config;

import com.example.service.JwtBlacklistService;
import jakarta.servlet.http.HttpServletRequest;
import org.springframework.security.oauth2.core.OAuth2AuthenticationException;
import org.springframework.security.oauth2.server.resource.web.BearerTokenResolver;
import org.springframework.security.oauth2.server.resource.web.DefaultBearerTokenResolver;

public class HybridBearerTokenResolver implements BearerTokenResolver {
    private final DefaultBearerTokenResolver headerResolver = new DefaultBearerTokenResolver(); // 使用默认构造函数
    private final JwtBlacklistService blacklistService;

    public HybridBearerTokenResolver(JwtBlacklistService blacklistService) {
        this.blacklistService = blacklistService;
    }

    @Override
    public String resolve(HttpServletRequest request) {
        String token = headerResolver.resolve(request);
        // 黑名单检查逻辑
        if (token != null && blacklistService.isTokenBlacklisted(token)) {
            throw new OAuth2AuthenticationException("Token 已经注销");
        }

        return token;
    }
}
